A data security management and control method and system based on data link feature feedback
By constructing a data association feature map, quantifying the strength of data associations, and filtering out core and secondary control data, the blind spots and redundancy problems in data security control in existing technologies are solved, and efficient data security management is achieved.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- STATE GRID ANHUI ELECTRIC POWER CO LTD
- Filing Date
- 2026-03-05
- Publication Date
- 2026-06-09
AI Technical Summary
Existing data security management methods cannot accurately analyze data correlation characteristics, resulting in an inability to precisely define the management boundaries between core data and secondary related data. This leads to blind spots or excessive redundancy, ignoring potential security risks and reducing management efficiency.
By acquiring the multi-dimensional correlation features of the data to be stored, a data correlation feature map is constructed. Based on the analytic hierarchy process and topology analysis, the strength of data correlation is quantified, and core and secondary control data sets are selected to achieve precise security control.
It achieves a comprehensive and accurate representation of data relationships, improves the targeting and efficiency of control, and enhances the adaptability of control in complex data environments.
Smart Images

Figure CN122174251A_ABST
Abstract
Description
Technical Field
[0001] This invention relates to the field of data security management technology, specifically to a data security management method and system based on data link feature feedback. Background Technology
[0002] In today's rapidly evolving digital transformation, data has become a core strategic asset for enterprises, institutions, and even nations, permeating all aspects of business operations, decision-making, and technological innovation. Data security management, as a crucial means of ensuring data integrity, confidentiality, and availability, is directly related to the achievement of privacy protection, business continuity, and compliance requirements. It serves as a core line of defense against security risks such as data leakage, tampering, and misuse. With the explosive growth of data volume and the increasing frequency of data interaction, the links between data are becoming increasingly complex, making data security management ever more important.
[0003] Currently, data security management suffers from several challenges. It struggles to accurately analyze stored data and select appropriate data for management based on specific correlation characteristics. Existing solutions often focus on single dimensions like data access permissions and encrypted storage, failing to identify hidden security risks. They frequently rely on simple keyword matching or manual labeling to identify related data, unable to quantify the strength of correlations or accurately define the control boundaries between core and secondary related data. This results in either overly redundant or blind-spot-filled management. Developing control strategies only for manually labeled core data ignores the potential security risks of directly and indirectly related data. These uncontrolled related data can become security breaches, leading to core data leaks. However, directly managing all related data is inefficient due to the sheer volume of data, further compromising data security management efficiency. Summary of the Invention
[0004] To address the aforementioned technical problems, this paper provides a data security management method and system based on data link feature feedback. This technical solution solves the problems mentioned in the background, such as the inability to accurately analyze the data to be stored and the inability to select appropriate data for management based on the specific association characteristics of the data to be stored. Existing solutions often focus on single dimensions such as data access permissions and encrypted storage, failing to identify hidden associated security risks. They often rely on simple keyword matching or manual labeling to identify associated data, failing to quantify the strength of the association between data and making it difficult to accurately define the management boundary between core data and secondary associated data. This results in either excessive redundancy or blind spots in management. Management strategies are only formulated for manually labeled core data, ignoring the potential security risks of directly and indirectly associated data. These unmanaged associated data may become security breaches, leading to the leakage of core data. However, if all associated data is managed directly, the management efficiency is low, and the data volume is too large, reducing the efficiency of data security management.
[0005] To achieve the above objectives, the technical solution adopted by the present invention is as follows: A data security management method based on data link feature feedback includes: Acquire the data to be stored, which includes data format information and corresponding data source information; Based on the data to be stored, and the interactive behavior throughout the data lifecycle, obtain multi-dimensional data correlation characteristics; Based on multi-dimensional data association characteristics, a data association feature map is constructed using data topology analysis. Based on data management requirements, a core management data set is obtained, which represents data that is manually marked and requires core management. Based on the core control data set and the data association feature map, obtain the secondary control data set; Data security is managed based on the core control data set and the secondary control data set.
[0006] Preferably, the step of constructing a data association feature map based on multi-dimensional data association features and data topology analysis specifically includes: Based on the data to be stored, obtain full data object information, which includes structured database tables, unstructured files, semi-structured interface data, and data streams, forming a data object collection; Based on data feature dimension analysis, obtain the associated features corresponding to the data to be stored under each data feature dimension, including lineage association features, attribute association features, permission association features and business association features; Based on any two data to be stored, the correlation features corresponding to the data to be stored are quantified and standardized to obtain the data feature coefficients corresponding to the two data to be stored. Based on the analytic hierarchy process, the weight coefficients corresponding to each data feature dimension are obtained; Based on the weight coefficients and data feature coefficients corresponding to each data feature dimension, the association strength weights are obtained using a weighted summation formula. A data association feature graph is constructed using the data object set as nodes and the association strength weight as the edge weight.
[0007] Preferably, the step of using any two pieces of data to be stored as a basis to perform quantization and standardization processing on the correlation features corresponding to the data to be stored, and obtaining the data feature coefficients corresponding to the two pieces of data to be stored, specifically includes: Based on the full data object information and the data log, obtain the data transmission link information corresponding to each piece of data to be stored. The data transmission link information includes data generation node, transmission node, processing node, storage node, and usage node. Based on any two pieces of data to be stored, and using these two pieces of data as target data, obtain the common transmission link corresponding to the target data; Based on data link analysis, the feature node information corresponding to each target data is obtained, and the feature node includes data generation node and storage node; Based on the data transmission link information, obtain the total number of link nodes corresponding to each target data; Based on the common transmission link and feature node information, obtain the number of link feature nodes corresponding to each target data; If the common transmission link includes characteristic nodes, the number of nodes in the common transmission link is directly taken as the number of characteristic nodes in the link. If the common transmission link does not include characteristic nodes, the sum of the number of nodes in the common transmission link and the number of characteristic nodes is taken as the number of characteristic nodes in the link. The ratio of the number of link feature nodes corresponding to each target data to the total number of corresponding link nodes is used as the link proportion coefficient; The average of the link proportion coefficients corresponding to these two target data is used as the first data feature coefficient.
[0008] Preferably, the step of quantizing and standardizing the correlation features corresponding to any two pieces of data to be stored, and obtaining the data feature coefficients corresponding to these two pieces of data, further includes: Based on the full data object information, obtain the set of fields corresponding to the target data, wherein the fields include name, data type and field length; Based on the set of fields corresponding to the target data, obtain the valid matching fields. The valid matching fields are those whose field names are completely identical and whose data types and lengths are exactly the same or compatible. The ratio of the number of valid matching fields to the total number of fields in the target data is used as the second data feature coefficient; Based on the full data object information, obtain the access subject information corresponding to the target data; Based on the access subject information, duplicate access subjects are removed to obtain the access subject set; The sum of the number of access subjects corresponding to the target data is used as the benchmark access subject coefficient; The number of accessing subjects in the set of accessing subjects is used as the characteristic number of accessing subjects; Based on the Jaccard similarity coefficient, the ratio of the number of feature access subjects to the baseline access subject coefficient is used as the third data feature coefficient. Based on the full data object information, obtain the interaction frequency information corresponding to the target data. The interaction behaviors include data transmission, invocation, and related queries. Based on data access settings analysis, obtain the time window; Based on the time window, obtain the maximum and minimum number of interactions for each target data within the time window; Based on the interaction frequency information corresponding to the target data, obtain the average number of interactions for each target data. Based on the average number of interactions, the maximum number of interactions, and the minimum number of interactions, and using data normalization, the basic interaction coefficient corresponding to each target data is obtained. The mean of the basic interaction coefficients corresponding to the target data is used as the fourth data feature coefficient.
[0009] Preferably, obtaining the secondary control data set based on the core control data set and the data association feature map specifically includes: Based on the core control data set, obtain the corresponding core control data object; Based on the data association feature map, and taking the core control data object as the basis, a set of directly associated nodes is obtained. The set of directly associated nodes represents the associated nodes that have a direct topological connection between the data association feature map and the core control data object. Based on directly related nodes, obtain the core control data object corresponding to each directly related node; The sum of the association strength weights between each directly associated node and its corresponding core control data object is used as the data control coefficient of that directly associated node. Based on the data association feature map, nodes that have a direct topological connection with directly associated nodes are considered as indirectly associated nodes; The ratio of the data control coefficient of each directly related node to the number of corresponding indirectly related nodes is used as the association weight threshold of that directly related node; Based on the association strength weight and association weight threshold between directly associated nodes and each indirectly associated node, the indirectly associated nodes are filtered to obtain the characteristic associated nodes. If the association strength weight between a directly associated node and any indirectly associated node exceeds the association weight threshold, then the indirectly associated node is taken as the feature associated node of the directly associated node. Based on the characteristic-related nodes, and using node topology analysis, the baseline related nodes are obtained; Based on the data objects corresponding to the baseline associated nodes and the directly associated node sets, obtain the secondary control data set.
[0010] Preferably, the step of obtaining the baseline associated nodes based on node topology analysis according to the feature-related nodes specifically includes: Based on the feature-related nodes, the feature-related node network is obtained by using the corresponding nodes and the related edges between nodes in the data-related feature graph. Based on the feature-related node network, obtain the maximum number of edges associated with each node; The ratio of the number of associated edges of each feature-associated node to the maximum number of associated edges of the node is used as the node centrality coefficient of that feature-associated node. Based on the node centrality coefficient corresponding to each feature-associated node, obtain the mean and standard deviation of the node centrality coefficient; Based on the mean and standard deviation of the node centrality coefficient, The principle is to obtain the threshold value of the node center coefficient; Feature-related nodes whose node centrality coefficient exceeds the node centrality coefficient threshold are used as benchmark-related nodes.
[0011] Furthermore, a data security management and control system based on data link feature feedback is proposed to implement the management and control method described above, including: The main control module is used to construct a data association feature graph with a set of data objects as nodes and association strength weights as edge weights, obtain a core control data set based on data management requirements, obtain a secondary control data set based on the core control data set and the data association feature graph, and perform security management on the data based on the core control data set and the secondary control data set. The information acquisition module is used to acquire the data to be stored, acquire the full data object information based on the data to be stored, and acquire the associated features corresponding to the data to be stored under each data feature dimension based on data feature dimension analysis. The data association analysis module is used to quantify and standardize the association features corresponding to any two data to be stored, obtain the data feature coefficients corresponding to the two data to be stored, obtain the weight coefficients corresponding to each data feature dimension based on the analytic hierarchy process, and obtain the association strength weights based on the weight coefficients and data feature coefficients corresponding to each data feature dimension and the weighted summation formula. The display module interacts with the main control module and is used to output and display data association feature maps, core control data sets, and secondary control data sets.
[0012] Optionally, the main control module specifically includes: The control unit is used to acquire a core control data set based on data control requirements, acquire a secondary control data set based on the core control data set and the data association feature map, and perform security control on the data based on the core control data set and the secondary control data set. An information receiving unit interacts with an information acquisition module and a data association analysis module to receive data and transmit it to a feature map construction unit. The feature graph construction unit is used to construct a data association feature graph using a set of data objects as nodes and association strength weights as edge weights.
[0013] Optionally, the information acquisition module specifically includes: The first acquisition unit is used to acquire data to be stored, the data to be stored including data format information and corresponding data source information; The second acquisition unit is used to acquire full data object information based on the data to be stored, and to acquire the associated features corresponding to the data to be stored under each data feature dimension based on data feature dimension analysis.
[0014] Optionally, the data correlation analysis module specifically includes: The feature quantization unit is used to perform quantization and standardization processing on the associated features of any two data to be stored, based on any two data to be stored, to obtain the data feature coefficients corresponding to the two data to be stored. The association analysis unit is used to obtain the weight coefficients corresponding to each data feature dimension based on the analytic hierarchy process, and to obtain the association strength weights based on the weight coefficients and data feature coefficients corresponding to each data feature dimension and the weighted summation formula.
[0015] Compared with the prior art, the beneficial effects of the present invention are as follows: This invention proposes a data security management method and system based on data link feature feedback. By mining multi-dimensional correlation features of data and performing quantitative and standardized processing, a comprehensive and accurate representation of data correlation relationships is achieved. By using correlation strength weights, a topological feature graph with data objects as nodes and correlation strength as edges is constructed, realizing the visualization and quantification of data correlations. By tracing directly related nodes through core management data, and setting a screening threshold based on the sum of correlation strength weights and the number of indirect nodes, feature-related nodes are accurately screened, enabling the targeted identification of secondary management data. By screening the benchmark nodes of core correlations, the precise focus of secondary management data is achieved, improving the targeting and efficiency of management, and strengthening the adaptability of management in complex data environments. Attached Figure Description
[0016] Figure 1 This is a flowchart of a data security management method based on data link feature feedback proposed in this invention; Figure 2 This is a flowchart of the data association feature map acquisition process in this invention; Figure 3 This is a flowchart of the process for obtaining the first data feature coefficient in this invention; Figure 4 This is a flowchart of the secondary control data set acquisition process in this invention; Figure 5 This is a block diagram of a data security management and control system based on data link feature feedback proposed in this invention. Detailed Implementation
[0017] The following description is intended to disclose the invention and enable those skilled in the art to implement it. The preferred embodiments described below are merely examples, and other obvious variations will occur to those skilled in the art.
[0018] Reference Figure 1 - Figure 4 As shown in the figure, a data security management method based on data link feature feedback in an embodiment of the present invention includes: Acquire the data to be stored, which includes data format information and corresponding data source information; Based on the data to be stored, and the interactive behavior throughout the data lifecycle, obtain multi-dimensional data correlation characteristics; Based on multi-dimensional data association characteristics, a data association feature map is constructed using data topology analysis. Specifically, based on multi-dimensional data association characteristics and data topology analysis, a data association feature map is constructed, including: Based on the data to be stored, obtain full data object information, which includes structured database tables, unstructured files, semi-structured interface data, and data streams, forming a data object collection; Based on data feature dimension analysis, obtain the associated features corresponding to the data to be stored under each data feature dimension, including lineage association features, attribute association features, permission association features and business association features; Based on any two data to be stored, the correlation features corresponding to the data to be stored are quantified and standardized to obtain the data feature coefficients corresponding to the two data to be stored. Based on the analytic hierarchy process, the weight coefficients corresponding to each data feature dimension are obtained; Based on the weight coefficients and data feature coefficients corresponding to each data feature dimension, the association strength weights are obtained using a weighted summation formula. A data association feature graph is constructed using the data object set as nodes and the association strength weight as the edge weight.
[0019] This solution comprehensively incorporates structured database tables, unstructured files, semi-structured interface data, and data streams to form a complete set of data objects, providing a comprehensive data foundation for subsequent correlation analysis. It extracts correlation features from four core dimensions: lineage, attributes, permissions, and business, fully capturing the interaction patterns throughout the data lifecycle. This replaces one-sided analysis based on a single dimension, making the representation of data relationships more three-dimensional. The correlation features of any two data points are quantified and standardized to obtain data feature coefficients of a unified dimension, avoiding analytical biases caused by differences in units and magnitudes of the original features. This provides accurate and comparable basic data for calculating correlation strength. Based on the analytic hierarchy process (AHP), the weight coefficients of each feature dimension are determined, and the correlation strength weight is obtained by weighted summation of the data feature coefficients. This ensures that the calculation of correlation strength considers both multi-dimensional features and highlights the influence of core dimensions, improving the scientific rigor and credibility of data correlation quantification.
[0020] It is important to note that lineage-related features include data generation source, transmission link, and processing node dependency relationships; attribute-related features include data field matching degree, data type consistency, and format compatibility; permission-related features include access subject overlap rate, authorization scope intersection ratio, and operation permission similarity; and business-related features include business process consistency, usage scenario overlap, and interaction frequency. In this embodiment, the weight coefficient for the lineage-related feature dimension is 0.35, the weight coefficient for the attribute-related feature dimension is 0.25, the weight coefficient for the permission-related feature dimension is 0.2, and the weight coefficient for the business-related feature dimension is 0.2. In the analytic hierarchy process (AHP), this is specifically divided into a criterion layer and a solution layer. I. Weight Allocation of Criteria Layer (Degree of Security Impact, Strength of Business Relevance) The core of the Analytic Hierarchy Process (AHP) is the hierarchical structure of "objective-criteria-option". First, the weights of the criteria layer relative to the objective layer must be determined, which forms the basis for weight composition at the option layer. Priority positioning of the criteria layer: The core objective of data security management is to "minimize data security risks while ensuring business continuity". Therefore, the priority of security impact is higher than that of business correlation in the criteria layer. Thus, the weight of security impact is 0.52, and the weight of business management intensity is 0.48.
[0021] II. Weight Allocation of the Scheme Layer (Four Types of Association Features) under the Criterion Layer The solution layer weights need to calculate the "weight of each feature's impact on security" and the "weight of each feature's correlation with business" separately, and then synthesize the total weights through the criterion layer weights. Each step is based on the actual application scenario of the features. (I) Weighting of each feature in relation to the degree of security impact (Core basis: Risk transmission and prevention value) The "Security Impact Level" criterion focuses on "whether features can directly support security risk identification, tracing, and prevention." Feature priority is ranked as follows: lineage association > attribute association > permission association > business association. Lineage characteristics (weight 0.43): In data security incidents, "incomplete lineage" is the core reason why the source cannot be traced after the leak and the risk expands (for example, after a company's data is leaked, the leak node cannot be located due to the broken lineage link). It has the highest value for preventing and controlling security risks.
[0022] In pairwise comparisons, the importance scale of blood relation to attribute relation is 1.5 (slightly important), to permission relation is 2 (important), and to business relation is 3 (significantly important).
[0023] Attribute association feature (weight 0.28): Incorrect attribute matching can easily lead to misidentification of sensitive data (such as classifying non-sensitive fields as sensitive fields, or vice versa), which in turn can cause control failure or over-control. Its security impact is second only to lineage association. Compared with permission association, attribute association plays a more crucial role in supporting the accurate identification of sensitive data, with an importance scale of 1.3 (slightly important).
[0024] Permission association characteristics (weight 0.17): The overlap rate of access subjects directly reflects the potential risk of unauthorized access (if the same subject can access core data and secondary data, it is easy to cause cross-leakage), but permission control can be assisted by other means (such as the principle of least privilege), and the security impact is relatively indirect.
[0025] Business-related characteristics (weight 0.12): High frequency of business interactions does not directly equate to high security risk (such as high-frequency interactions in normal business processes). Its direct impact on security risk is minimal, and it only provides auxiliary judgment when business processes are abnormal.
[0026] (II) Weighting of each feature to “Business Relevance Strength” (Core basis: Business process support value) The "Business Relevance Strength" criterion focuses on "whether features can reflect the collaborative value of data in business processes and avoid control measures affecting business efficiency." Feature priority is ranked as follows: Business Relevance > Attribute Relevance > Lineage Relevance > Permission Relevance. Specifically: Business Relationship Feature (Weight 0.40): The frequency of business interactions directly reflects the degree of data dependence in the business process (such as the high-frequency interaction between order data and payment data, which is the core of the business loop), and it has the greatest impact on business continuity. In pairwise comparisons, the importance scale of business relationship to attribute relationship is 1.4 (slightly important), and the scale to other features is ≥2 (important or above).
[0027] Attribute association feature (weight 0.29): The matching degree of data attributes determines whether business data can be interacted normally (such as inconsistent field formats leading to data synchronization failure). It is the foundation for the smooth operation of business processes and its supporting value is second only to business association.
[0028] Bloodline association feature (weight 0.21): Bloodline integrity ensures the traceability of business data (e.g., when business data is abnormal, the source of the problem needs to be located through bloodline), but its impact on real-time business operation is less than that of attributes and business association.
[0029] Permission association feature (weight 0.10): The overlap rate of access subjects has the least direct support effect on business processes (as long as the permission configuration is reasonable, even if the overlap rate is low, it will not affect the business), and only provides slight assistance when multiple departments collaborate.
[0030] III. Composition of the Total Weight Vector The logic for synthesizing the total weight is as follows: Total weight = (Weight of feature on security × Security weight of criterion layer) + (Weight of feature on business × Business weight of criterion layer). The calculation process is as follows: Blood relation:
[0031] Attribute association: (After consistency adjustment, take 0.25) Permission association:
[0032] Business Relationships: (Weigh and balance permissions to avoid excessive business weight that neglects security).
[0033] The specific association strength weight is as follows:
[0034] In the formula, For the association strength weight, These are the weighting coefficients for the blood relation feature dimension. These are the weight coefficients for the attribute-related feature dimensions. These are the weight coefficients for the permission-related feature dimension. These are the weighting coefficients for the business-related feature dimensions. The first data characteristic coefficient, The second data characteristic coefficient, The third data characteristic coefficient, This is the fourth data characteristic coefficient.
[0035] Specifically, based on any two data points to be stored, the correlation features corresponding to the data points are quantized and standardized to obtain the data feature coefficients corresponding to these two data points, including: Based on the full data object information and the data log, obtain the data transmission link information corresponding to each piece of data to be stored. The data transmission link information includes data generation node, transmission node, processing node, storage node, and usage node. Based on any two pieces of data to be stored, and using these two pieces of data as target data, obtain the common transmission link corresponding to the target data; Based on data link analysis, the feature node information corresponding to each target data is obtained, and the feature node includes data generation node and storage node; Based on the data transmission link information, obtain the total number of link nodes corresponding to each target data; Based on the common transmission link and feature node information, obtain the number of link feature nodes corresponding to each target data; If the common transmission link includes characteristic nodes, the number of nodes in the common transmission link is directly taken as the number of characteristic nodes in the link. If the common transmission link does not include characteristic nodes, the sum of the number of nodes in the common transmission link and the number of characteristic nodes is taken as the number of characteristic nodes in the link. The ratio of the number of link feature nodes corresponding to each target data to the total number of corresponding link nodes is used as the link proportion coefficient; The average of the link proportion coefficients corresponding to these two target data is used as the first data feature coefficient.
[0036] This solution comprehensively captures the correlation traces of the entire data flow process through the entire data transmission link information, enabling data correlation analysis to cover the "entire data flow path." It selectively extracts key feature nodes such as generation nodes and storage nodes, rather than performing a general calculation of all link node matches. This makes the quantification of link correlation more aligned with the core concerns of data security management. The ratio of the number of link feature nodes to the total number of link nodes is calculated as a proportion coefficient, and the average of the two target data is taken to obtain the first data feature coefficient. This transforms the abstract link correlation relationship into a unified dimension of quantitative indicators, providing accurate and comparable basic data for subsequent multi-dimensional feature fusion calculations of correlation strength. This connects subsequent correlation calculations and supports the first data feature coefficient generated by the graph construction as the core quantitative indicator of the lineage correlation dimension. It provides key support for subsequent calculations of correlation strength weights combined with other dimension features (attributes, permissions, business), ensuring the logical coherence and data support integrity of the data correlation feature graph construction.
[0037] It is understandable that for any set of any target data, although the overlapping link portion is fixed, the proportion of the overlapping link in their respective transmission links is quite different. If one of them or the average is directly used as the quantitative value of the lineage relationship feature, it cannot accurately reflect the accurate status of the two target data on the transmission link.
[0038] Specifically, based on any two data points to be stored, the correlation features corresponding to the data points to be stored are quantized and standardized to obtain the data feature coefficients corresponding to these two data points to be stored, which also includes: Based on the full data object information, obtain the set of fields corresponding to the target data, wherein the fields include name, data type and field length; Based on the set of fields corresponding to the target data, obtain the valid matching fields. The valid matching fields are those whose field names are completely identical and whose data types and lengths are exactly the same or compatible. The ratio of the number of valid matching fields to the total number of fields in the target data is used as the second data feature coefficient; Based on the full data object information, obtain the access subject information corresponding to the target data; Based on the access subject information, duplicate access subjects are removed to obtain the access subject set; The sum of the number of access subjects corresponding to the target data is used as the benchmark access subject coefficient; The number of accessing subjects in the set of accessing subjects is used as the characteristic number of accessing subjects; Based on the Jaccard similarity coefficient, the ratio of the number of feature access subjects to the baseline access subject coefficient is used as the third data feature coefficient. Based on the full data object information, obtain the interaction frequency information corresponding to the target data. The interaction behaviors include data transmission, invocation, and related queries. Based on data access settings analysis, obtain the time window; Based on the time window, obtain the maximum and minimum number of interactions for each target data within the time window; Based on the interaction frequency information corresponding to the target data, obtain the average number of interactions for each target data. Based on the average number of interactions, the maximum number of interactions, and the minimum number of interactions, and using data normalization, the basic interaction coefficient corresponding to each target data is obtained. The mean of the basic interaction coefficients corresponding to the target data is used as the fourth data feature coefficient.
[0039] In this solution, by clearly defining the criteria for valid matching fields (identical names + same or compatible data types / lengths), the proportion of valid matching fields is calculated to obtain the second data feature coefficient. This transforms abstract attribute associations into quantifiable indicators, accurately reflecting the degree of structural correlation between two data sets. It is important to note that when fields cannot be extracted from unstructured data, keyword sets, format types (e.g., docx, pdf), image extraction resolution, format (e.g., jpg, png), and core feature values (e.g., hash values extracted through image algorithms) are used as fields for unstructured data. Based on access subject deduplication and Jaccard similarity coefficients, the third data feature coefficient is derived to quantify the overlap of access permissions between two data sets, providing a precise basis for identifying permission risks in security management. A time window is introduced, combined with the maximum, minimum, and average number of interactions and data normalization processing, to obtain the fourth data feature coefficient reflecting the intensity of business interactions. This considers both interaction frequency and interaction fluctuation characteristics, accurately characterizing the closeness of business collaboration between data sets. The second, third, and fourth data feature coefficients correspond to attributes, permissions, and business dimensions, respectively. Together with the first data feature coefficient (lineage dimension), they form a complete multi-dimensional association feature quantification system, making the representation of data association more three-dimensional and comprehensive, covering the core association scenarios throughout the data lifecycle, and providing comparable and reliable basic data for subsequent combination of analytic hierarchy process weight coefficients and weighted summation to obtain association strength weights.
[0040] It is important to note that in this embodiment, the time window is 30 days, which can fully cover a business loop. This ensures that the frequency of collected interactions reflects the "data collaboration relationship under normal business processes" rather than short-term temporary interactions (such as high-frequency interactions during a single-day promotion). Even for high-frequency businesses (such as e-commerce order processing and payment data interactions), 30 days can smooth out intraday and intraweek fluctuations (such as the interaction differences between weekdays and weekends). This avoids the situation where "occasional high frequency" is misjudged as "strong business correlation" due to a window that is too short (such as 7 days), or where "business correlation changes" cannot be captured in a timely manner due to a window that is too long (such as 90 days) (such as the interaction relationship of newly added business processes).
[0041] Based on data management requirements, a core management data set is obtained, which represents data that is manually marked and requires core management. Based on the core control data set and the data association feature map, obtain the secondary control data set; Specifically, based on the core control data set and the data association feature map, a secondary control data set is obtained, which includes: Based on the core control data set, obtain the corresponding core control data object; Based on the data association feature map, and taking the core control data object as the basis, a set of directly associated nodes is obtained. The set of directly associated nodes represents the associated nodes that have a direct topological connection between the data association feature map and the core control data object. Based on directly related nodes, obtain the core control data object corresponding to each directly related node; The sum of the association strength weights between each directly associated node and its corresponding core control data object is used as the data control coefficient of that directly associated node. Based on the data association feature map, nodes that have a direct topological connection with directly associated nodes are considered as indirectly associated nodes; The ratio of the data control coefficient of each directly related node to the number of corresponding indirectly related nodes is used as the association weight threshold of that directly related node; Based on the association strength weight and association weight threshold between directly associated nodes and each indirectly associated node, the indirectly associated nodes are filtered to obtain the characteristic associated nodes. If the association strength weight between a directly associated node and any indirectly associated node exceeds the association weight threshold, then the indirectly associated node is taken as the feature associated node of the directly associated node. Based on the characteristic-related nodes, and using node topology analysis, the baseline related nodes are obtained; Based on the data objects corresponding to the baseline associated nodes and the directly associated node sets, obtain the secondary control data set.
[0042] This solution traces directly related nodes back to the core controlled data objects, then extends to identify indirect related nodes, constructing a complete control link of "core data - direct association - indirect association." This ensures that security control covers the entire association network of core data. The sum of the association strength weights between directly related nodes and core data is used as the data control coefficient, quantifying the security importance level of different directly related nodes. This allows subsequent control resources to be tilted towards high-importance nodes, improving the efficiency of control resource utilization. Based on the ratio of the data control coefficient of directly related nodes to the corresponding number of indirect nodes, an association weight threshold is set to achieve a dynamic screening standard of "one node, one threshold." This makes the screening of indirect related nodes more in line with actual association patterns, avoiding the omission of key nodes or the misscreening of irrelevant nodes. It accurately screens characteristic related nodes, eliminating redundant controlled objects and retaining only indirect related nodes whose association strength weight with directly related nodes exceeds the threshold as characteristic related nodes. This ensures that secondary control data consists of high-risk objects strongly associated with core data. By obtaining benchmark related nodes through node topology analysis, the solution focuses on core hub nodes in the indirect association network, ensuring that secondary control data covers key indirect associations while avoiding excessive diffusion of the control scope, thus improving the accuracy and execution efficiency of security control.
[0043] Specifically, based on the characteristic associated nodes, and through node topology analysis, baseline associated nodes are obtained, including: Based on the feature-related nodes, the feature-related node network is obtained by using the corresponding nodes and the related edges between nodes in the data-related feature graph. Based on the feature-related node network, obtain the maximum number of edges associated with each node; The ratio of the number of associated edges of each feature-associated node to the maximum number of associated edges of the node is used as the node centrality coefficient of that feature-associated node. Based on the node centrality coefficient corresponding to each feature-associated node, obtain the mean and standard deviation of the node centrality coefficient; Based on the mean and standard deviation of the node centrality coefficient, The principle is to obtain the threshold value of the node center coefficient; Feature-related nodes whose node centrality coefficient exceeds the node centrality coefficient threshold are used as benchmark-related nodes.
[0044] This scheme constructs a topology network through feature-related nodes, integrating node and inter-node edge information to visualize and systematize the relationships between related nodes. This provides a global perspective for identifying core related nodes. The node centrality coefficient is calculated by the ratio of the number of nodes' associated edges to the maximum value, quantifying the core hub status of each feature-related node in the network and making node importance assessment more objective. The principle combines the mean and standard deviation of the node centrality coefficient to set a threshold, thereby improving the accuracy and rationality of the threshold setting. By selecting characteristic associated nodes that exceed the threshold as benchmark associated nodes, the core key nodes in the indirect associated network are accurately focused, thereby strengthening the pertinence and efficiency of secondary control.
[0045] Data security is managed based on the core control data set and the secondary control data set.
[0046] It is understandable that the above scheme has specifically selected the data that needs to be security controlled. Data security control is common knowledge for those in the field, such as storage encryption, transmission protection, and access permission settings. For example, for core control data, AES-256 encryption algorithm is used for storage encryption, and HTTPS protocol + national cryptographic SM4 encryption is used for dual protection during transmission. Access permissions are verified by "role permissions + multi-factor authentication (password + device fingerprint + dynamic verification code)" triple verification. Operation behavior is audited in real time throughout the process, and the log retention period is set to 180 days. The log content includes the access subject, operation time, operation content, data flow path and verification result. For secondary control data, AES-128 encryption algorithm is used for storage, HTTPS protocol encryption is used for transmission, and access permissions are verified by "role permissions + password authentication". Operation logs are retained for 90 days. High-risk operations such as data export, modification and deletion are audited in detail. High-risk operation thresholds are set (the number of exports per day ≤ 3 times, the amount of data modified per time ≤ 10%). If the threshold is exceeded, an alarm is automatically triggered.
[0047] Reference Figure 5 As shown, further, combining the above-mentioned data security management method based on data link feature feedback, a data security management system based on data link feature feedback is proposed, including: The main control module is used to construct a data association feature graph with a set of data objects as nodes and association strength weights as edge weights, obtain a core control data set based on data management requirements, obtain a secondary control data set based on the core control data set and the data association feature graph, and perform security management on the data based on the core control data set and the secondary control data set. The information acquisition module is used to acquire the data to be stored, acquire the full data object information based on the data to be stored, and acquire the associated features corresponding to the data to be stored under each data feature dimension based on data feature dimension analysis. The data association analysis module is used to quantify and standardize the association features corresponding to any two data to be stored, obtain the data feature coefficients corresponding to the two data to be stored, obtain the weight coefficients corresponding to each data feature dimension based on the analytic hierarchy process, and obtain the association strength weights based on the weight coefficients and data feature coefficients corresponding to each data feature dimension and the weighted summation formula. The display module interacts with the main control module and is used to output and display data association feature maps, core control data sets, and secondary control data sets.
[0048] The main control module specifically includes: The control unit is used to acquire a core control data set based on data control requirements, acquire a secondary control data set based on the core control data set and the data association feature map, and perform security control on the data based on the core control data set and the secondary control data set. An information receiving unit interacts with an information acquisition module and a data association analysis module to receive data and transmit it to a feature map construction unit. The feature graph construction unit is used to construct a data association feature graph using a set of data objects as nodes and association strength weights as edge weights.
[0049] The information acquisition module specifically includes: The first acquisition unit is used to acquire data to be stored, the data to be stored including data format information and corresponding data source information; The second acquisition unit is used to acquire full data object information based on the data to be stored, and to acquire the associated features corresponding to the data to be stored under each data feature dimension based on data feature dimension analysis.
[0050] The data correlation analysis module specifically includes: The feature quantization unit is used to perform quantization and standardization processing on the associated features of any two data to be stored, based on any two data to be stored, to obtain the data feature coefficients corresponding to the two data to be stored. The association analysis unit is used to obtain the weight coefficients corresponding to each data feature dimension based on the analytic hierarchy process, and to obtain the association strength weights based on the weight coefficients and data feature coefficients corresponding to each data feature dimension and the weighted summation formula.
[0051] In summary, the advantages of this invention are as follows: by mining multi-dimensional correlation features of data and performing quantitative and standardized processing, a comprehensive and accurate representation of data correlation relationships is achieved; by constructing a topological feature graph with data objects as nodes and correlation strength as edges through correlation strength weights, visualization and quantification of data correlations are realized; by tracing directly related nodes through core control data, and by setting a screening threshold based on the sum of correlation strength weights and the number of indirect nodes, feature-related nodes are accurately screened, enabling targeted identification of secondary control data; by screening the benchmark nodes of core correlations, precise focusing of secondary control data is achieved, improving the targeting and efficiency of control, and strengthening the adaptability of control in complex data environments.
[0052] The foregoing has shown and described the basic principles, main features, and advantages of the present invention. Those skilled in the art should understand that the present invention is not limited to the above embodiments. The embodiments and descriptions in the specification are merely principles of the invention. Various changes and modifications can be made to the invention without departing from its spirit and scope, and all such changes and modifications fall within the scope of the claimed invention. The scope of protection claimed by the appended claims and their equivalents is defined.
Claims
1. A data security management method based on data link feature feedback, characterized in that, include: Acquire the data to be stored, which includes data format information and corresponding data source information; Based on the data to be stored, and the interactive behavior throughout the data lifecycle, obtain multi-dimensional data correlation characteristics; Based on multi-dimensional data association characteristics, a data association feature map is constructed using data topology analysis. Based on data management requirements, a core management data set is obtained, which represents data that is manually marked and requires core management. Based on the core control data set and the data association feature map, obtain the secondary control data set; Data security is managed based on the core control data set and the secondary control data set.
2. The data security management method based on data link feature feedback according to claim 1, characterized in that, The construction of a data association feature map based on multi-dimensional data association characteristics and data topology analysis specifically includes: Based on the data to be stored, obtain full data object information, which includes structured database tables, unstructured files, semi-structured interface data, and data streams, forming a data object collection; Based on data feature dimension analysis, obtain the associated features corresponding to the data to be stored under each data feature dimension, including lineage association features, attribute association features, permission association features and business association features; Based on any two data to be stored, the correlation features corresponding to the data to be stored are quantified and standardized to obtain the data feature coefficients corresponding to the two data to be stored. Based on the analytic hierarchy process, the weight coefficients corresponding to each data feature dimension are obtained; Based on the weight coefficients and data feature coefficients corresponding to each data feature dimension, the association strength weights are obtained using a weighted summation formula. A data association feature graph is constructed using the data object set as nodes and the association strength weight as the edge weight.
3. The data security management method based on data link feature feedback according to claim 2, characterized in that, The step of using any two data points to be stored as a basis to perform quantitative and standardized processing on the correlation features corresponding to the data points to be stored, and obtaining the data feature coefficients corresponding to these two data points to be stored, specifically includes: Based on the full data object information and the data log, obtain the data transmission link information corresponding to each piece of data to be stored. The data transmission link information includes data generation node, transmission node, processing node, storage node, and usage node. Based on any two pieces of data to be stored, and using these two pieces of data as target data, obtain the common transmission link corresponding to the target data; Based on data link analysis, the feature node information corresponding to each target data is obtained, and the feature node includes data generation node and storage node; Based on the data transmission link information, obtain the total number of link nodes corresponding to each target data; Based on the common transmission link and feature node information, obtain the number of link feature nodes corresponding to each target data; If the common transmission link includes characteristic nodes, the number of nodes in the common transmission link is directly taken as the number of characteristic nodes in the link. If the common transmission link does not include characteristic nodes, the sum of the number of nodes in the common transmission link and the number of characteristic nodes is taken as the number of characteristic nodes in the link. The ratio of the number of link feature nodes corresponding to each target data to the total number of corresponding link nodes is used as the link proportion coefficient; The average of the link proportion coefficients corresponding to these two target data is used as the first data feature coefficient.
4. The data security management method based on data link feature feedback according to claim 3, characterized in that, The step of quantifying and standardizing the correlation features corresponding to any two data points to be stored, and obtaining the data feature coefficients corresponding to these two data points, further includes: Based on the full data object information, obtain the set of fields corresponding to the target data, wherein the fields include name, data type and field length; Based on the set of fields corresponding to the target data, obtain the valid matching fields. The valid matching fields are those whose field names are completely identical and whose data types and lengths are exactly the same or compatible. The ratio of the number of valid matching fields to the total number of fields in the target data is used as the second data feature coefficient; Based on the full data object information, obtain the access subject information corresponding to the target data; Based on the access subject information, duplicate access subjects are removed to obtain the access subject set; The sum of the number of access subjects corresponding to the target data is used as the benchmark access subject coefficient; The number of accessing subjects in the set of accessing subjects is used as the characteristic number of accessing subjects; Based on the Jaccard similarity coefficient, the ratio of the number of feature access subjects to the baseline access subject coefficient is used as the third data feature coefficient. Based on the full data object information, obtain the interaction frequency information corresponding to the target data. The interaction behaviors include data transmission, invocation, and related queries. Based on data access settings analysis, obtain the time window; Based on the time window, obtain the maximum and minimum number of interactions for each target data within the time window; Based on the interaction frequency information corresponding to the target data, obtain the average number of interactions for each target data. Based on the average number of interactions, the maximum number of interactions, and the minimum number of interactions, and using data normalization, the basic interaction coefficient corresponding to each target data is obtained. The mean of the basic interaction coefficients corresponding to the target data is used as the fourth data feature coefficient.
5. A data security management method based on data link feature feedback according to claim 4, characterized in that, The process of obtaining the secondary control data set based on the core control data set and the data association feature map specifically includes: Based on the core control data set, obtain the corresponding core control data object; Based on the data association feature map, and taking the core control data object as the basis, a set of directly associated nodes is obtained. The set of directly associated nodes represents the associated nodes that have a direct topological connection between the data association feature map and the core control data object. Based on directly related nodes, obtain the core control data object corresponding to each directly related node; The sum of the association strength weights between each directly associated node and its corresponding core control data object is used as the data control coefficient of that directly associated node. Based on the data association feature map, nodes that have a direct topological connection with directly associated nodes are considered as indirectly associated nodes; The ratio of the data control coefficient of each directly related node to the number of corresponding indirectly related nodes is used as the association weight threshold of that directly related node; Based on the association strength weight and association weight threshold between directly associated nodes and each indirectly associated node, the indirectly associated nodes are filtered to obtain the characteristic associated nodes. If the association strength weight between a directly associated node and any indirectly associated node exceeds the association weight threshold, then the indirectly associated node is taken as the feature associated node of the directly associated node. Based on the characteristic-related nodes, and using node topology analysis, the baseline related nodes are obtained; Based on the data objects corresponding to the baseline associated nodes and the directly associated node sets, obtain the secondary control data set.
6. The data security management method based on data link feature feedback according to claim 5, characterized in that, The step of obtaining baseline associated nodes based on feature-related nodes and node topology analysis specifically includes: Based on the feature-related nodes, the feature-related node network is obtained by using the corresponding nodes and the related edges between nodes in the data-related feature graph. Based on the feature-related node network, obtain the maximum number of edges associated with each node; The ratio of the number of associated edges of each feature-associated node to the maximum number of associated edges of the node is used as the node centrality coefficient of that feature-associated node. Based on the node centrality coefficient corresponding to each feature-associated node, obtain the mean and standard deviation of the node centrality coefficient; Based on the mean and standard deviation of the node centrality coefficient, The principle is to obtain the threshold value of the node center coefficient; Feature-related nodes whose node centrality coefficient exceeds the node centrality coefficient threshold are used as benchmark-related nodes.
7. A data security management and control system based on data link feature feedback, used to implement the management and control method as described in any one of claims 1-6, characterized in that, include: The main control module is used to construct a data association feature graph with a set of data objects as nodes and association strength weights as edge weights, obtain a core control data set based on data management requirements, obtain a secondary control data set based on the core control data set and the data association feature graph, and perform security management on the data based on the core control data set and the secondary control data set. The information acquisition module is used to acquire the data to be stored, acquire the full data object information based on the data to be stored, and acquire the associated features corresponding to the data to be stored under each data feature dimension based on data feature dimension analysis. The data association analysis module is used to quantify and standardize the association features corresponding to any two data to be stored, obtain the data feature coefficients corresponding to the two data to be stored, obtain the weight coefficients corresponding to each data feature dimension based on the analytic hierarchy process, and obtain the association strength weights based on the weight coefficients and data feature coefficients corresponding to each data feature dimension and the weighted summation formula. The display module interacts with the main control module and is used to output and display data association feature maps, core control data sets, and secondary control data sets.
8. A data security management and control system based on data link feature feedback according to claim 7, characterized in that, The main control module specifically includes: The control unit is used to acquire a core control data set based on data control requirements, acquire a secondary control data set based on the core control data set and the data association feature map, and perform security control on the data based on the core control data set and the secondary control data set. An information receiving unit interacts with an information acquisition module and a data association analysis module to receive data and transmit it to a feature map construction unit. The feature graph construction unit is used to construct a data association feature graph using a set of data objects as nodes and association strength weights as edge weights.
9. A data security management and control system based on data link feature feedback according to claim 7, characterized in that, The information acquisition module specifically includes: The first acquisition unit is used to acquire data to be stored, the data to be stored including data format information and corresponding data source information; The second acquisition unit is used to acquire full data object information based on the data to be stored, and to acquire the associated features corresponding to the data to be stored under each data feature dimension based on data feature dimension analysis.
10. A data security management and control system based on data link feature feedback according to claim 7, characterized in that, The data correlation analysis module specifically includes: The feature quantization unit is used to perform quantization and standardization processing on the associated features of any two data to be stored, based on any two data to be stored, to obtain the data feature coefficients corresponding to the two data to be stored. The association analysis unit is used to obtain the weight coefficients corresponding to each data feature dimension based on the analytic hierarchy process, and to obtain the association strength weights based on the weight coefficients and data feature coefficients corresponding to each data feature dimension and the weighted summation formula.